package org.apache.jetspeed.security.impl.cas;

import java.io.IOException;
import java.security.Principal;
import javax.security.auth.Subject;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.PortalReservedParameters;
import org.apache.jetspeed.administration.PortalAdministration;
import org.apache.jetspeed.administration.PortalConfiguration;
import org.apache.jetspeed.administration.PortalConfigurationConstants;
import org.apache.jetspeed.administration.RegistrationException;
import org.apache.jetspeed.components.ComponentManager;
import org.apache.jetspeed.login.LoginConstants;
import org.apache.jetspeed.login.filter.PortalRequestWrapper;
import org.apache.jetspeed.profiler.impl.JetspeedProfilerImpl;
import org.apache.jetspeed.security.GroupManager;
import org.apache.jetspeed.security.RoleManager;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;

/* loaded from: input_file:tomcat-portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-portal-2.3.0.jar:org/apache/jetspeed/security/impl/cas/CASPortalFilter.class */
public class CASPortalFilter implements Filter {
    public static String CAS_FILTER_USER = "edu.yale.its.tp.cas.client.filter.user";
    protected String guest = JetspeedProfilerImpl.DEFAULT_GUEST_PRINCIPAL_NAME;

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
        PortalConfiguration configuration = Jetspeed.getConfiguration();
        if (configuration != null) {
            this.guest = configuration.getString(PortalConfigurationConstants.USERS_DEFAULT_GUEST);
        }
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        Principal principal;
        HttpServletRequest httpServletRequest = null;
        if (servletRequest instanceof HttpServletRequest) {
            HttpServletRequest httpServletRequest2 = (HttpServletRequest) servletRequest;
            ComponentManager componentManager = Jetspeed.getComponentManager();
            UserManager userManager = (UserManager) componentManager.lookupComponent("org.apache.jetspeed.security.UserManager");
            HttpSession session = httpServletRequest2.getSession(true);
            String str = (String) session.getAttribute(CAS_FILTER_USER);
            System.out.println("user: " + str);
            RoleManager roleManager = (RoleManager) componentManager.lookupComponent("org.apache.jetspeed.security.RoleManager");
            GroupManager groupManager = (GroupManager) componentManager.lookupComponent("org.apache.jetspeed.security.GroupManager");
            User user = null;
            try {
                user = userManager.getUser(str);
            } catch (SecurityException e) {
                System.out.println("user: " + str + " not in j2 db");
                PortalAdministration portalAdministration = (PortalAdministration) componentManager.lookupComponent("PortalAdministration");
                try {
                    roleManager.getRoles("user");
                    groupManager.getGroups("");
                    portalAdministration.registerUser(str, portalAdministration.generatePassword());
                } catch (RegistrationException e2) {
                    System.out.println("user: " + str + " not created");
                } catch (SecurityException e3) {
                    System.out.println("user: " + str + " not created");
                }
            }
            try {
                Subject subject = userManager.getSubject(user);
                servletRequest = wrapperRequest(httpServletRequest2, subject, user);
                httpServletRequest2.getSession().removeAttribute(LoginConstants.ERRORCODE);
                session.setAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT, subject);
                System.out.println("*** login session = " + session);
            } catch (SecurityException e4) {
                throw new ServletException(e4);
            }
        } else {
            Subject subject2 = (Subject) httpServletRequest.getSession().getAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT);
            if (subject2 != null && ((principal = SubjectHelper.getPrincipal(subject2, User.class)) == null || !principal.getName().equals(this.guest))) {
                servletRequest = wrapperRequest(null, subject2, principal);
            }
        }
        servletRequest.setAttribute(PortalReservedParameters.PORTAL_FILTER_ATTRIBUTE, "true");
        if (filterChain != null) {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    private ServletRequest wrapperRequest(HttpServletRequest httpServletRequest, Subject subject, Principal principal) {
        return new PortalRequestWrapper(httpServletRequest, subject, principal);
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }
}
